001 /** 002 * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved. 003 * 004 * This library is free software; you can redistribute it and/or modify it under 005 * the terms of the GNU Lesser General Public License as published by the Free 006 * Software Foundation; either version 2.1 of the License, or (at your option) 007 * any later version. 008 * 009 * This library is distributed in the hope that it will be useful, but WITHOUT 010 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 011 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 012 * details. 013 */ 014 015 package com.liferay.portal.security.permission; 016 017 import com.liferay.portal.model.User; 018 019 import java.util.List; 020 021 import javax.portlet.PortletRequest; 022 023 /** 024 * @author Brian Wing Shun Chan 025 */ 026 public interface PermissionChecker extends Cloneable { 027 028 public static final long[] DEFAULT_ROLE_IDS = {}; 029 030 public PermissionChecker clone(); 031 032 /** 033 * Returns the primary key of the user's company. 034 * 035 * @return the primary key of the user's company 036 */ 037 public long getCompanyId(); 038 039 public List<Long> getGuestResourceBlockIds( 040 long companyId, long groupId, String name, String actionId); 041 042 public List<Long> getOwnerResourceBlockIds( 043 long companyId, long groupId, String name, String actionId); 044 045 /** 046 * Returns the primary key of the owner role. This role is automatically 047 * given to the creator of a resource. 048 * 049 * @return the primary key of the owner role 050 */ 051 public long getOwnerRoleId(); 052 053 public List<Long> getResourceBlockIds( 054 long companyId, long groupId, long userId, String name, 055 String actionId); 056 057 /** 058 * Returns the primary keys of the roles the user has within the group. 059 * 060 * @param userId the primary key of the user 061 * @param groupId the primary key of the group 062 * @return the primary keys of the roles the user has within the group 063 */ 064 public long[] getRoleIds(long userId, long groupId); 065 066 public User getUser(); 067 068 /** 069 * Returns the primary key of the user. 070 * 071 * @return the primary key of the user 072 */ 073 public long getUserId(); 074 075 /** 076 * Returns <code>true</code> if the user is the owner of the resource and 077 * has permission to perform the action. 078 * 079 * @param companyId the primary key of the user's company 080 * @param name the resource's name, which can be either a class name or a 081 * portlet ID 082 * @param primKey the primary key of the resource 083 * @param ownerId the primary key of the resource's owner 084 * @param actionId the action ID 085 * @return <code>true</code> if the user is the owner of the resource and 086 * has permission to perform the action; <code>false</code> 087 * otherwise 088 */ 089 public boolean hasOwnerPermission( 090 long companyId, String name, long primKey, long ownerId, 091 String actionId); 092 093 /** 094 * Returns <code>true</code> if the user is the owner of the resource and 095 * has permission to perform the action. 096 * 097 * @param companyId the primary key of the user's company 098 * @param name the resource's name, which can be either a class name or a 099 * portlet ID 100 * @param primKey the primary key of the resource 101 * @param ownerId the primary key of the resource's owner 102 * @param actionId the action ID 103 * @return <code>true</code> if the user is the owner of the resource and 104 * has permission to perform the action; <code>false</code> 105 * otherwise 106 */ 107 public boolean hasOwnerPermission( 108 long companyId, String name, String primKey, long ownerId, 109 String actionId); 110 111 /** 112 * Returns <code>true</code> if the user has permission to perform the 113 * action on the resource. 114 * 115 * @param groupId the primary key of the group containing the resource 116 * @param name the resource's name, which can be either a class name or a 117 * portlet ID 118 * @param primKey the primary key of the resource 119 * @param actionId the action ID 120 * @return <code>true</code> if the user has permission to perform the 121 * action on the resource; <code>false</code> otherwise 122 */ 123 public boolean hasPermission( 124 long groupId, String name, long primKey, String actionId); 125 126 /** 127 * Returns <code>true</code> if the user has permission to perform the 128 * action on the resource. 129 * 130 * @param groupId the primary key of the group containing the resource 131 * @param name the resource's name, which can be either a class name or a 132 * portlet ID 133 * @param primKey the primary key of the resource 134 * @param actionId the action ID 135 * @return <code>true</code> if the user has permission to perform the 136 * action on the resource; <code>false</code> otherwise 137 */ 138 public boolean hasPermission( 139 long groupId, String name, String primKey, String actionId); 140 141 /** 142 * Returns <code>true</code> if the user has permission to perform the 143 * action on the resource without using guest permissions. 144 * 145 * @param groupId the primary key of the group containing the resource 146 * @param name the resource's name, which can be either a class name or a 147 * portlet ID 148 * @param primKey the primary key of the resource 149 * @param actionId the action ID 150 * @param checkAdmin whether to use permissions gained from administrator 151 * roles 152 * @return <code>true</code> if the user has permission to perform the 153 * action on the resource without using guest permissions; 154 * <code>false</code> otherwise 155 */ 156 public boolean hasUserPermission( 157 long groupId, String name, String primKey, String actionId, 158 boolean checkAdmin); 159 160 /** 161 * Initializes this permission checker. 162 * 163 * @param user the current user 164 */ 165 public void init(User user); 166 167 /** 168 * Returns <code>true</code> if guest permissions will be used in permission 169 * checks. 170 * 171 * @return <code>true</code> if guest permissions will be used in permission 172 * checks; <code>false</code> otherwise 173 */ 174 public boolean isCheckGuest(); 175 176 /** 177 * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(long)} 178 */ 179 public boolean isCommunityAdmin(long groupId); 180 181 /** 182 * @deprecated As of 6.1, renamed to {@link #isGroupOwner(long)} 183 */ 184 public boolean isCommunityOwner(long groupId); 185 186 /** 187 * Returns <code>true</code> if the user is an administrator of their 188 * company. 189 * 190 * @return <code>true</code> if the user is an administrator of their 191 * company; <code>false</code> otherwise 192 */ 193 public boolean isCompanyAdmin(); 194 195 /** 196 * Returns <code>true</code> if the user is an administrator of the company. 197 * 198 * @param companyId the primary key of the company 199 * @return <code>true</code> if the user is an administrator of the company; 200 * <code>false</code> otherwise 201 */ 202 public boolean isCompanyAdmin(long companyId); 203 204 /** 205 * Returns <code>true</code> if the user is an administrator of the group. 206 * 207 * @param groupId the primary key of the group 208 * @return <code>true</code> if the user is an administrator of the group; 209 * <code>false</code> otherwise 210 */ 211 public boolean isGroupAdmin(long groupId); 212 213 /** 214 * Returns <code>true</code> if the user is a member of the group. 215 * 216 * @param groupId the primary key of the group 217 * @return <code>true</code> if the user is a member of the group; 218 * <code>false</code> otherwise 219 */ 220 public boolean isGroupMember(long groupId); 221 222 /** 223 * Returns <code>true</code> if the user is the owner of the group. 224 * 225 * @param groupId the primary key of the group 226 * @return <code>true</code> if the user is the owner of the group; 227 * <code>false</code> otherwise 228 */ 229 public boolean isGroupOwner(long groupId); 230 231 /** 232 * Returns <code>true</code> if the user is a universal administrator. 233 * 234 * @return <code>true</code> if the user is a universal administrator; 235 * <code>false</code> otherwise 236 * @see com.liferay.portlet.admin.util.OmniadminUtil 237 */ 238 public boolean isOmniadmin(); 239 240 /** 241 * Returns <code>true</code> if the user is an administrator of the 242 * organization. 243 * 244 * @param organizationId the primary key of the organization 245 * @return <code>true</code> if the user is an administrator of the 246 * organization; <code>false</code> otherwise 247 */ 248 public boolean isOrganizationAdmin(long organizationId); 249 250 /** 251 * Returns <code>true</code> if the user is signed in. 252 * 253 * @return <code>true</code> if the user is signed in; <code>false</code> 254 * otherwise 255 */ 256 public boolean isSignedIn(); 257 258 /** 259 * @deprecated Does nothing 260 */ 261 public void resetValues(); 262 263 /** 264 * @deprecated Does nothing 265 */ 266 public void setValues(PortletRequest portletRequest); 267 268 }